mirror of
https://github.com/drduh/YubiKey-Guide.git
synced 2024-12-22 13:48:06 +00:00
commit
fb01a87112
@ -1983,6 +1983,13 @@ export SSH_AUTH_SOCK=$(gpgconf --list-dirs agent-ssh-socket)
|
|||||||
gpgconf --launch gpg-agent
|
gpgconf --launch gpg-agent
|
||||||
```
|
```
|
||||||
|
|
||||||
|
If you use fish, the correct lines for your `config.fish` would look like this (consider putting them into the `is-interactive` block depending on your use case):
|
||||||
|
```fish
|
||||||
|
set -x GPG_TTY (tty)
|
||||||
|
set -x SSH_AUTH_SOCK (gpgconf --list-dirs agent-ssh-socket)
|
||||||
|
gpgconf --launch gpg-agent
|
||||||
|
```
|
||||||
|
|
||||||
Note that if you use `ForwardAgent` for ssh-agent forwarding, `SSH_AUTH_SOCK` only needs to be set on the *local* laptop (workstation), where the YubiKey is plugged in. On the *remote* server that we SSH into, `ssh` will automatically set `SSH_AUTH_SOCK` to something like `/tmp/ssh-mXzCzYT2Np/agent.7541` when we connect. We therefore do **NOT** manually set `SSH_AUTH_SOCK` on the server - doing so would break [SSH Agent Forwarding](#remote-machines-ssh-agent-forwarding).
|
Note that if you use `ForwardAgent` for ssh-agent forwarding, `SSH_AUTH_SOCK` only needs to be set on the *local* laptop (workstation), where the YubiKey is plugged in. On the *remote* server that we SSH into, `ssh` will automatically set `SSH_AUTH_SOCK` to something like `/tmp/ssh-mXzCzYT2Np/agent.7541` when we connect. We therefore do **NOT** manually set `SSH_AUTH_SOCK` on the server - doing so would break [SSH Agent Forwarding](#remote-machines-ssh-agent-forwarding).
|
||||||
|
|
||||||
If you use `S.gpg-agent.ssh` (see [SSH Agent Forwarding](#remote-machines-ssh-agent-forwarding) for more info), `SSH_AUTH_SOCK` should also be set on the *remote*. However, `GPG_TTY` should not be set on the *remote*, explanation specified in that section.
|
If you use `S.gpg-agent.ssh` (see [SSH Agent Forwarding](#remote-machines-ssh-agent-forwarding) for more info), `SSH_AUTH_SOCK` should also be set on the *remote*. However, `GPG_TTY` should not be set on the *remote*, explanation specified in that section.
|
||||||
|
Loading…
Reference in New Issue
Block a user